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CLAIMS: 



1 - A method of facilitating access control to content, 

the method involving entities each being identified by a unique identifier, 
the method further involving revocation of at least one unique identifier, 

where a revoked unique identifier is fiirther referred to as revoked 

5 identifier, 

tfie method comprising maintaining a local revocation list (165) that contains a 
list of revoked identifiers, 

receiving (302) a new revoked identifier (1 12), and 
subsequently conditionally updating (306) the local revocation list with the 
1 0 received new revoked identifier, 

characterized in that the method fixrther comprises 

an admission step (310) including takmg a random decision (304) before 
updating the local revocation Ust, the decision being 

either to ignore (307) the received new revoked identifier, 
15 or to update (306) the local revocation list witii the received new 

revoked identifier. 

2. The method according to claim 1, wherein a verification step (501-507) is 
executed in which 

20 a unique identifier is verified by comparing the imique identifier with the 

revoked identifiers in the local revocation list (165), and 

the unique identifier is considered to be revoked when the comparison finds a 
match between 

the unique identifier and 

25 one of tiie revoked identifiers in the local revocation list, further to be 

referred to as the matching identifier. 

3. The method according to claim 2, wherein 
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the unique identifier being verified is stored in a list of verified unique 
identifiers, and 

the random decision in the admission step (310) has a probability depending 
on a match of the new received revoked identifier with one of 
5 - file list of verified unique identifiers, 

- unique identifiers known to be used within the device, and 

- unique identifiers known to be used in neighboring devices. 

4. The method according to claim 1, wherein the random decision in the 

1 0 admission step (3 1 0) has a probability depending on at least one of: 

- characteristics of tiie received new revoked identifier, 

- characteristics and status of the local revocation list, and 

- device status 

15 5. The method according to claim 1, wherein the method fiirther comprises a 

selection step (405) in which a revoked identifier fi-ora the local revocation list which is 
going to be replaced is chosen randomly fi-om the local revocation list. 

6. The method according to claim 2 and 5, wherein the matching identifier is 
20 excluded 6rom replacement during the selection step (405). 

7. A system (1 00) for controlling access to content material (110), the system 
comprising 

a local revocation list (165) that contains a list of revoked identifiers, 
25 a receiver (1 50) for receivmg a new revoked identifier (1 12), and 

an updater (160) for conditionally updating the local revocation list with the 
received new revoked identifier, 
characterized in that 

the system fiirther comprises an admission device (155) arranged to take (304) 
30 a random decision 

either to ignore (306) the received new revoked identifier, 

or to update (307) the local revocation list with the received new 

revoked identifier. 
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8- The system according to claim 7, in which the system further comprises 

an access device (120) for controlling access to content material (1 10), 
the access device being identified by a unique identifier, 
the access of the access device to the content material is not being allow^ed if a 
5 match is found between 

the unique identifier of the access device, and 
an entry m the local revocation list (165). 

9. A device arranged 

10 to store and mamtain a local revocation list (165) that contains a list of 

revoked identifiers, and 

to receive a new revoked identifier (112), 
characterized in that the device 

is arranged to take (304) a random decision upon receiving the new revoked 

15 identifier 

either to ignore (306) the received new revoked identifier (1 12), 
or to update (307) the local revocation list with the received new 

revoked identifier. 



20 



1 0. A computer program product (181) capable to implement the metfiod 

according to claim 1. 



